About Chor-Ching Fan

This author has not yet filled in any details.
So far Chor-Ching Fan has created 99 blog entries.

Shared Responsibilities: You’re Not (Totally) Off the Hook

2022-06-08T19:13:25+00:00

By Connor Payne Inherited controls from a cloud service provider such as Amazon Web Services (AWS) or Microsoft Azure include physical and environmental controls that a customer fully inherits from the provider. In general terms, shared responsibility means that the cloud service provider is responsible for the security of the cloud while the customer is [...]

Shared Responsibilities: You’re Not (Totally) Off the Hook2022-06-08T19:13:25+00:00

The FIPS 199 Categorization of Cloud System for FedRAMP

2022-02-04T14:22:06+00:00

By Greg Kent, Senior Vice President, CTO FedRAMP has control baselines for low, moderate, and high impact systems. The appropriate baseline, and therefore the particular control requirements that apply, depend on the system impact level or categorization. The FedRAMP impact level or categorization of a system is determined by formal process defined by FIPS Publication [...]

The FIPS 199 Categorization of Cloud System for FedRAMP2022-02-04T14:22:06+00:00

CMMC, Take 2.0 – 3 Strategic Tips for Success

2022-01-29T03:21:11+00:00

By Les Buday, Managing Director “Streamlined. Flexible. Secure.” This is the tagline listed on the CMMC website managed by the Office of the Under Secretary of Defense (OUSD) Acquisition & Sustainment (A&S). On this website you can find all of the information regarding the newly redefined Cybersecurity Maturity Model Certification (CMMC) program. More commonly referred to as [...]

CMMC, Take 2.0 – 3 Strategic Tips for Success2022-01-29T03:21:11+00:00

Follow the CUI for CMMC Compliance

2022-01-12T20:27:39+00:00

By Greg Kent “Follow the CUI.”  That is the standard practice that DoD contractors follow to determine exactly what system components and networks are within the scope boundary for Level 3 Cybersecurity Maturity Model Certification (CMMC) compliance.  Any system, network, or component that is used to store, process, transmit, or secure CUI should be included [...]

Follow the CUI for CMMC Compliance2022-01-12T20:27:39+00:00

Enterprise Security for the Remote Workplace – 3 Remote Access Settings Worth Reviewing

2022-02-04T14:19:54+00:00

By Tobias McCurry Although remote access into corporate networks isn’t new, such widespread, continuous use of remote access is.  Organizations very early on identified capacity issues, but some legacy security risks in remote access solutions may be exacerbated by the extensive use of remote access under a widespread work from home scenario.  Accordingly, it may [...]

Enterprise Security for the Remote Workplace – 3 Remote Access Settings Worth Reviewing2022-02-04T14:19:54+00:00

VDI for CUI

2022-02-04T18:53:42+00:00

By Josh Griswell One approach that contractors can take in approaching CMMC is including all of their infrastructure within the scope boundary for a CMMC certification. This means that all of the company’s components and devices would have to follow the processes and practices required by CMMC. The larger the company’s environment, the more complex [...]

VDI for CUI2022-02-04T18:53:42+00:00

SecureIT Joins Effort to Improve DoED Security

2022-01-29T01:59:34+00:00

June 9, 2021 The Department of Education (DoED) has selected a team that includes SecureIT for their Cybersecurity and Privacy Support Services (CPSS) contract program.  We look forward to working alongside our partners and providing our security, risk and audit expertise to address DoED's cybersecurity health and compliance requirements.

SecureIT Joins Effort to Improve DoED Security2022-01-29T01:59:34+00:00

Enhancing Laptop Security for the Remote Workplace

2022-02-04T13:55:42+00:00

By Greg Kent Many organizations leverage control points specifically architected into their on-premise infrastructure to enforce security policies.  When employees work from home, their computers may not access the corporate IT infrastructure, which bypasses these on-prem controls.  Consider, for example, an organization that controls the websites that employee laptops can access by routing outbound web [...]

Enhancing Laptop Security for the Remote Workplace2022-02-04T13:55:42+00:00

SecureIT Achieves Designation as StateRAMP Approved Assessor

2021-08-16T17:42:34+00:00

SecureIT is proud to announce its status as a StateRAMP Approved Assessor. StateRAMP was developed with procurement and IT officials in mind – to bridge the gap between the two offices and provide a framework of cybersecurity standards for government contractors. All too often procurement officials are challenged with procuring the best cloud services and software for the lowest price, without the [...]

SecureIT Achieves Designation as StateRAMP Approved Assessor2021-08-16T17:42:34+00:00

Sharpen Your Pencils for CMMC

2022-02-04T13:39:59+00:00

By Greg Kent Fall will be here before you know it, so now is a good time for DoD contractors to review their business development and contract strategy for the coming year. With CMMC being required for bidding on new contracts towards the end of 2020, there are big changes on the horizon. Once the [...]

Sharpen Your Pencils for CMMC2022-02-04T13:39:59+00:00
Go to Top